The reason is simple: except for some sophisticated technologies such as protocols, other technologies are not too deep, and many of them are general, such as routing, firewall, security operation and maintenance, and so on. Most network security work has little room for growth. Training institutions don't know much about it, so it is not recommended.
At present, the security industry is more suitable to develop in two directions: web security and underlying information security.
Web security can usually be understood as the security of websites, that is, penetration testing, front-end vulnerabilities and website data. It has a wide range of applications and is relatively simple to get started, but it is as technical as network security. There are many web security training institutions, and basically all the security training institutions on the market are this series of web security. I'm ok in spring and autumn, but it seems to be an online class. I don't know if there are any fields. Besides, the farmer seems not bad.
The underlying information security is a direction that pays attention to technology in security, including virus anti-virus, vulnerability mining and utilization, software reverse and mobile security, which is relatively hot at present. It is difficult to get started, the employment is narrow, but the prospects are bright. People who have worked for several years have a conservative annual salary of several hundred thousand. Fifteen schools are recommended by training institutions, because this is the only training institution engaged in this field.